Hacking from a security professional's view

This is an article on Hacking from a security professional's view in Ethical hacking Tips.

Special thanx to my friend Tr for helping me....

Introduction

Computer technology is growing now more than ever. It's now the golden age for information communication. With new systems and technology coming out, so do new flaws and vulnerabilities. There are people that take these flaws and use them to do harm to other systems. Viruses are still a big threat, and social engineering is another way attackers can harm your system. With the number of attackers and flaws around, it may seem all is lost. But all is not. This paper takes into account the many ways an attacker gets in, how he or she keeps control, then how the attacker sneaks out. This paper also contains many examples of viruses, and other ways attackers attack your computer. This paper is meant for informational uses only. I am not responsible for people who use this information for illegal purposes. Also, given the circumstances, all viruses in this paper are run on older versions of Windows (Windows 98 and Windows 95).

Every day I use a computer the first thing I think about is what is wrong with it. For example, is the Internet filter good enough to stop me from going to any site? Or are there ways to be able to stop the administrator computer from looking in on me, or any other thing? These are all harmless, but an attacker looks for ways to harm computers. They hunt for ways to cause the computer to malfunction or get some information from it.

Information technology has changed over the years. There was a time when you could go in a room and talk to others without anyone knowing what you were saying. Now governments can use technology to hear what you say from to two to five miles away. There is new technology that can read exactly whatís on your computer screen from a safe location. In 1995, a 28-year-old attacker from Russia made a $12 million by breaking in to Citibank's computers. (Thatís something to ask next time the bank says it canít be robbed).

Social engineering is also a big risk. This happens when someone pretends to be someone or something they are not. Users of e-mail see this when they get messages from banks or e-Bay that ask for social security numbers, credit card numbers or other personal information. Many people try this but the most infamous was Kevin Mitnick. Mitnick was finally arrest and admitted that he social engineered passwords and major flaws just by pretending he was someone else. This kind of attack takes little or no computer skill.

Viruses are also a big risk. Some of the most worst ones are Melissa virus, Klez Virus, Chernobyl virus, Michelangelo, and happy99. These viruses all depend on computer users opening an e-mail and downloading an executable file.

The issue of users downloading viruses is now bigger than ever, because:

1. Now is the golden age of technology
2. Many companies transfer a lot of sensitive information
3. More and more tools come out every day
4. There are more and more users of computers now than ever before

These are just a few reasons viruses are a big issue. Attackers donít need to be elite hackers to cause big problems. One simple click, a download of a tool and voila' -- the attacker is in your computer. Most of the time, free shareware hacker tools are not that hard to get rid of, but some tools can cause major damages to your computer. Attackers are no longer just strangers. They're also the people that work for you. Employees can damage your systems; even the people that used to work for you can.

According to the book Hack-Counterhack by Ed Skoudis, there are many steps an attacker will follow when hacking a computer.

Hackers don't always work in this order, but the idea is to cause the most damage possible.

Letís start with reconnaissance. Reconnaissance is when the attacker looks up their target. There are many ways of doing this, including social engineering, dumpster diving, and physical break-in. People also are using the Internet to find information on a target such as a phone number or e-mail address, technical information, and billing contacts. There are great Internet tools that can gather a lot of information on individuals. They can do a DNS lookup to **********. They can ping the host to determine if it's an actual person's computer or a firewall. They can also perform a "who is" lookup to gather more information on an individual.

Now that we know how attacker use reconnaissance, let's learn how protect from various attacks from internet lookups.People have several options to stop "who is" lookups.

1. Donít input phony information (if someone gets attacked, they may need to contact your organization)
2. If you have a Web site, make sure everything on your site has a purpose
3. Remove anything that could help an attacker
4. If any other Web sites are linking to you, ask them why

Internet users should know how to stop a ping, which is a utility used to determine whether a particular computer is currently connected to the Internet. It works by sending a packet to an IP address and waiting for a reply. (http://www.oit.ohio-state.edu/glossary/gloss3.html)To combat this problem, put up a simple firewall and close all the ports youíre not using. As you can see, thereís a lot to reconnaissance, and it should not be taken lightly. Always make sure that you keep your organization's information up to date. Make sure your web site only has business information and nothing that could help an attacker.

Scanning is also very important. It starts when an attacker scans your network for open ports using a port scanner. There are many port scanners available and most of them are the same. A port scanner sends a small signal to each port really fast to see if it's open or not. If it's not (or if it's open) it goes to the next port. After the scan, it tells the attacker which ports are open. Port scanners can also scan for vulnerabilities. This is great tool to run on your computer, but it can also be used to scan anyone's computer. This tool perfect for an attacker because not only does it tell the attacker what ports are open, it also tells what vulnerabilities there are with each open port.

Now its time learn how to protect your computer from port scanners. The simplest way is to download a firewall and close all the ports. (You can get one for free with Windows XP Service Pack 2, or you can download one from http://www.zonelabs.com/store/conten...eeDownload.jsp.)

After reconnaissance and scanning, it's time for the attacker to try to gain access to your computer. If the attacker has physical access to the computer, it makes life easier for him or her. Let's look at password cracking. There are tools that a hacker can download to crack your computer password. A normal tool an attacker will use can be downloaded for free and runs on Windows. Before the attacker can hack the passwords, the attacker well need the password hashes (the encrypted form of a password). Using the free cracking program, the hacker will run the hashes though the password cracker.

Here some ways to stop hackers:

1. Use passwords like "9ilikelowe9" that use both numbers and letters
2. Make sure to give administrator power to people you trust

Keeping access is the easiest way for an attacker. If the attacker has the password, and physical access to the computer, all they have to do is download a Trojan Horse. Once this happens, the attacker has full control of the computer. If the Trojan horse is on the administrative computer, they have all the control the administrator would have.

To stop a Trojan Horse, look for:

1. New software
2. New changes to settings or registry on the computer
3. Anti-virus is great for keeping up with Trojan Horses

Now that the attacker has what he wants. Let's look at how they cover their tracks. One way, and the only way I am going to talk about, is very simple. All the attacker has to do is configure Windows to hide folders . For more vital information visit (http://privacy.getnetwise.org/sharin.../hide-instruct)

Viruses

A virus, in a nutshell, is a program that does bad things. Viruses are mostly made in a programming language called visual basic. Viruses are mostly in a executable program, meaning you have to download something before the viruses works. E-mail viruses work the same way, but through e-mail attachments. Once the victim has downloaded the e-mail attachment, the virus goes to work. Many times it duplicates itself and infects other programs. Viruses can delete important programs and files and cause your computer to act funny and do things they're not supposed to. There's a lot of varieties of viruses than what is in this paper, but that's basically what a virus does. (More on this topic please go to) (http://www.viruslist.com/en/viruses/...pter=152540474)

Protection

How do you protect your computer from e-mail viruses?

1. DO NOT DOWNLOAD FROM SITES YOU DO NOT TRUST
2. After every download, run a virus scan
3. Update your anti-virus software frequently
4. Before you download any attachment, run an anti-virus scan on it.

Conclusion

As you can see, there are many way that an attacker can hurt your computer. Lets reveiw.

1. They can steal personal and financial information
2. They can cause your computer to delete important information
3. They can cause your computer to malfunction
4. They can infect other computers from your computer

As you can see, there are many ways for attackers to destroy your computers. The sad thing is some people think hacking a computer is some sort of thing they can do anytime for fun. Children in school need to know that it's not a good idea to use their knowledge to hack. They shouldn't hack just because they think it's cool.Many places that don't have anti-virus software include libraries, both in school and in public. The libraries might think that it's not important to have anti-virus software or they simply don't think they can afford it. They should find a way to get the protection. Hackers can hack your computer only to use it to hack something bigger and better with your computer, making it seem like you're the one who hacked it.

a) Routinely installing security patches is the best deterrent.
b) Anti-virus software, and must be kept up-to-date with new pattern files at least every few days.
c) used of a firewall.
d) Never open attachment that received from someone we don’t know or trusted sources.